State computers hit with suspected malware attack

About 100 state computers may have been infected with a malware program, though officials said it's too early to know the program's intent.

Author:
William Pitts

Published:
7:02 PM MST January 10, 2017

Updated:
7:02 PM MST January 10, 2017

PHOENIX - About 100 state computers may have been infected with a malware program, though officials said it's too early to know the program's intent.

A spokesperson from the Arizona Department of Administration confirmed Tuesday that some state employees in the Legislative branch received emails telling them to change their passwords in the state's human resources program, called HRIS.

When the clicked the link, the spokesperson said those employees were taken to the HRIS homepage and found it was written entirely in Russian.

Those employees have been told to change all of their passwords and the computers are in the process of being reformatted, the spokesperson said.

Department of Administration officials are looking closely at the malware, which they said appeared to only change the language settings on infected computers. However, the officials said they don't know what the purpose of that might be, but speculated the malware might also have a program that logs keystrokes in order to steal passwords and usernames.

HRIS contains personal information, including names and social security numbers, of all Arizona state employees.

The Department of Administration said it does not appear that anyone successfully breached the HRIS system.